Which are most frequently blacklisted apps by enterprises?

Mobile security firm Appthority published an interesting report that revealed which Android and iOS applications are most frequently blacklisted by enterprises.

The company Appthority has published an interesting report that reveals which mobile apps, both Android and iOS, are most frequently blacklisted by enterprises.

“The mobile ecosystem in an enterprise comprises apps from managed devices, BYOD and COPE. Appthority compiled a list of the top 100 apps (50 iOS and 50 Android)based on millions of scans of devices and apps in the enterprise. Using our Mobile Threat Protection solution, we determined the most common apps and their Mobile Threat Risk Scores” states the report.

According to the company, iOS apps are mainly blacklisted because many of them leak data. Whatsapp is the most commonly blacklisted iOS app because it sends information from the device’s address book to a remote server.

Giving a close look at the list of commonly blacklisted iOS apps, we can notice the presence of Pokemon GO, the risks for this app are related to the accesses to the device’s address book and camera, and tracking of the user’s location that poses users’ privacy at risk.

Another app that is commonly blacklisted is WinZip, the reason is that the application sends SMS messages.

This type of behavior can pose a serious risk in an enterprise environment, especially if the data is transmitted without being encrypted.

Let’s see now which are commonly blacklisted apps for Android. The firth thing that is immediately verifiable is that most of the top blacklisted iOS apps are in the social networking and entertainment category, meanwhile, in the case of Android apps they are in the ‘tools’ category.

The most frequently blacklisted Android app is Poot, a tool used by its users to root their devices. Other commonly blacklisted applications are AndroidSystemTheme, Where’s My Droid Pro, Weather, and Wild Crocodile Simulator.

The Android apps have been mainly blacklisted for data leakage or because they exhibit malicious behavior.

According to the Appthority report based on the analysis of 150 apps used in enterprise environments, for 86.7% of Android apps the connections are to a server located in the United States, followed by Ireland (7.7%), Germany (2.1%) and Sweden (0.7%). In the case of iOS apps, nearly 94% of connections go to servers in the United States, followed by Ireland (3.82%), the Netherlands (0.86%) and Germany (0.86%).

“A top enterprise security concern is often the countries to which mobile data is being sent. These maps reveal the top locations to which backend servers are connecting via the top 150 mobile apps in enterprise environments.In this quarter’s data, we see a difference in the profile of backend connections between Android and iOS. ” continues the report.

“Android developers are connecting to a wider set of geographic locations, possibly leveraging lower cost structures overseas. Popular iOS apps have a much lower percentage of connections to countries such as China, Saudi Arabia and Chile than Android apps.”

The situation is similar for iOS apps for which 94% of connections go to servers in the United States, followed by Ireland (3.82%), the Netherlands (0.86%) and Germany (0.86%).

The management of mobile devices in enterprise environments is a crucial aspect of their security posture, for this reason, it is essential to assess and evaluate the risks they bring.

Let me suggest to give a look at the report, it also includes the list of the top 100 Android and iOS applications used in enterprises, along with their risk score.

Share On

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.